Electronic access control system

ABSTRACT

A system includes one or more memory devices storing instructions, and one or more processors configured to execute the instructions to perform steps of a method. The system may receive an authentication request from a computing device and determine whether the authentication request corresponds with stored authentication data. Based on the determination, the system may store identification data associated with a smart device corresponding to the authentication request. The system may receive detection data when the smart device is detected within a predetermined area and, in response to a detection, obtain an identifier from the smart device. The system may determine whether the obtained identifier corresponds with the stored identification data. Based on the determination, the system may direct an electronic lock to transition from a locked state to an unlocked state.

CROSS-REFERENCE TO RELATED APPLICATION

This application is a Continuation of U.S. patent application Ser. No.15/371,821, now allowed, entitled “Electronic Access Control System”,filed Dec. 7, 2016, which claims the benefit of U.S. ProvisionalApplication No. 62/263,801, entitled “Electronic Access Control System”,filed Dec. 7, 2015, the entire contents and substance of all of whichare fully incorporated by reference.

BACKGROUND

Checking-in and accessing a room at a temporary dwelling (e.g., a hotel,resort, etc.) is currently a multi-step process for guests. Guests mustfirst stop at the hotel front-desk and wait in line to check-in andreceive their key card before heading to their hotel room and swipingthe key card to unlock the corresponding room. Even if the guestscheck-in to the hotel ahead of their arrival, they must still wait toreceive their key card before they can access their hotel room, addingundesirable wait time for the guests and increasing the burden on thehotel front-desk staff. After obtaining their hotel room key card,guests are tasked with carrying and keeping track of an extra plastickey card for the duration of their stay, further inconveniencing theguests. Making matters worse, plastic key cards frequently experienceperformance issues due to their low quality construction (e.g., lowcoercivity mag stripes on the back of most hotel key cards are low costbut prone to de-magnetization upon exposure to electronic devices) anddamage during the guests' stay, sometimes requiring the guests to make arepeat trip to the hotel front-desk for a replacement key card.

To expedite the hotel check-in process and improve the reliability ofhotel key cards, some hotels are experimenting with contactless doorlocks (e.g., door locks that use Near Field Communications “NFC,”Bluetooth Low Energy “BLE,” or Radio Frequency Identification “RFID”technologies). For example, some hotels are providing guests with aphysical contactless key card for unlocking the contactless door locksto access their rooms. While helpful in overcoming issues with swipingthe plastic key cards, providing the guests with a physical contactlesskey card fails to reduce the burden on the guests and hotel staff ofchecking-in and carrying the card.

Accordingly, there is a need for improved devices, systems, and methodsthat expedite the process for hotel guests to check-in and access theirhotel room and reduce the inconvenience on hotel guests of carrying (andnot losing) an extra key card, and embodiments of the present disclosureare directed to this and other considerations.

SUMMARY

Disclosed embodiments provide systems and methods for authenticating apassive smart device for unlocking an electronic lock (e.g., an entrywaylock for a hotel room, resort room, or other temporary dwelling).

Consistent with the disclosed embodiments, the system may include one ormore memory devices storing instructions, and one or more processorsconfigured to execute the instructions to perform steps of a method toauthenticate a smart device for unlocking an electronic lock (e.g., toaccess a locked hotel room). The system may execute the instructions toreceive an authentication request from a computing device. Theauthentication request may include identification (“ID”) data associatedwith the smart device. In response, the system may determine whether theauthentication request corresponds with stored authentication data.Based on this determination, the system may store the ID data associatedwith the smart device to authenticate the smart device so that it may beused to unlock the electronic lock.

Consistent with the disclosed embodiments, methods for authenticating asmart device for unlocking an electronic lock are also provided.

Further features of the disclosed design, and the advantages offeredthereby, are explained in greater detail hereinafter with reference tospecific embodiments illustrated in the accompanying drawings, whereinlike elements are indicated be like reference designators.

BRIEF DESCRIPTION OF THE DRAWINGS

Reference will now be made to the accompanying drawings, which are notnecessarily drawn to scale, and which are incorporated into andconstitute a portion of this disclosure, illustrate variousimplementations and aspects of the disclosed technology and, togetherwith the description, serve to explain the principles of the disclosedtechnology. In the drawings:

FIG. 1 is a block diagram of a mobile computing device, such as asmartphone, in accordance with an example implementation of thedisclosed technology;

FIG. 2 is a block diagram of an active smart device, in accordance withan example implementation of the disclosed technology;

FIG. 3 is a block diagram of a passive smart device, in accordance withan example implementation of the disclosed technology;

FIG. 4 is an overview of an environment illustrating components,including an active smart device, that may be used in an exampleimplementation of the disclosed technology;

FIG. 5 is an overview of an environment illustrating components,including a passive smart device, that may be used in an exampleimplementation of the disclosed technology;

FIG. 6 is a flowchart of one method of using a mobile computing devicewithin an electronic access control system, in accordance with anexample implementation of the disclosed technology;

FIG. 7 is a flowchart of one method of using an active smart devicewithin an electronic access control system, in accordance with anexample implementation of the disclosed technology;

FIG. 8 is a flowchart of one method of using an active smart device toinitiate communications within an electronic access control system, inaccordance with an example implementation of the disclosed technology;

FIG. 9 is a flowchart of one method of using a passive smart devicewithin an electronic access control system, in accordance with anexample implementation of the disclosed technology;

FIG. 10 is a flowchart of one method of authenticating and using apassive smart device within an electronic access control system, inaccordance with an exemplary implementation of the disclosed technology;and

FIG. 11 is a flowchart of one method of multi-level authenticating andusing a passive smart device within an electronic access control system,in accordance with another exemplary implementation of the disclosedtechnology.

DETAILED DESCRIPTION

Some implementations of the disclosed technology will be described morefully with reference to the accompanying drawings. This disclosedtechnology may, however, be embodied in many different forms and shouldnot be construed as limited to the implementations set forth herein. Thecomponents described hereinafter as making up various elements of thedisclosed technology are intended to be illustrative and notrestrictive. Many suitable components that would perform the same orsimilar functions as components described herein are intended to beembraced within the scope of the disclosed electronic devices andmethods. Such other components not described herein may include, but arenot limited to, for example, components developed after development ofthe disclosed technology.

It is also to be understood that the mention of one or more method stepsdoes not preclude the presence of additional method steps or interveningmethod steps between those steps expressly identified. Similarly, it isalso to be understood that the mention of one or more components in adevice or system does not preclude the presence of additional componentsor intervening components between those components expressly identified.

The disclosed embodiments are directed to systems and methods forauthenticating a passive smart device for unlocking an electronic lock(e.g., an entryway lock for a hotel room, resort room, or othertemporary dwelling). The system may include one or more memory devicesstoring instructions, and one or more processors configured to executethe instructions to perform steps of a method. Specifically, in someembodiments, the system may allow a hotel guest (or soon-to-be guest) toauthenticate her passive smart device (e.g., a payment card having NFC,BLE, or RFID technologies) and use it to access her hotel room. Toaccomplish this, the system may execute the instructions to receive anauthentication request from a computing device (e.g., the hotel guest'ssmart phone or personal computer). The authentication request mayinclude identification (“ID”) data associated with the passive smartdevice. In response, the system may determine whether the authenticationrequest corresponds with stored authentication data. In someembodiments, for example, this may involve confirming that theauthentication request came from a stored phone number associated withthe hotel guest, confirming that the passive smart device ID informationis associated with stored payment information (or other storedinformation) for the hotel guest, or another verification of thecomputing device and/or passive smart device. Based on thisdetermination, the system may store the ID data associated with thepassive smart device. At this point, the passive smart device isauthenticated and may be used to unlock the electronic lock.

When the passive mobile device enters a predetermined location range(e.g., enters within a predetermined distance of the hotel room door),the system may detect the passive mobile device or receive detectiondata corresponding to a detection. In response to a detection, thesystem may obtain an identifier from the passive mobile device anddetermine whether the obtained identifier corresponds with the stored IDdata. In this fashion, the system may confirm that the passive mobiledevice is authenticated with respect to the electronic lock of theapproached hotel room door. Based on this determination, the system maydirect the electronic lock to transition from a locked state to anunlocked state, thereby allowing the hotel guest to access her room.

In another aspect, a non-transitory computer-readable medium storinginstructions is disclosed. The instructions, when executed by one ormore processors, may cause a mobile computing device to perform steps ofa method for authenticating a smart device. Specifically, the mobilecomputing device may obtain check-in information for a user, transmitthe check-in information to a key server, and obtain key data from thekey server. The mobile computing device may also establish electroniccommunication with a smart device, and transmit the key data and the atleast one key limitation to the smart device. In some embodiments, theelectronic communication established with the smart device providespower to a power collection circuit on the smart device.

In yet another aspect, a smart device is disclosed including aprocessor, an energy storage device, a wireless transceiver, and memory,operatively connected to the processor. The memory includes instructionswhich, when executed by the processor, may cause the smart device toperform steps of a method for transmitting a key (which may containencrypted information) to an electronic lock. Specifically, the smartdevice may wirelessly pair with a mobile computing device, and obtain anencrypted key and at least one encrypted key limitation from the mobilecomputing device. The smart device may also obtain a wireless servicecommunication request from a lock. In response, the smart device maydetermine whether the at least one encrypted key limitation has beenmet, and based on the determination, transmit the encrypted key to thelock.

In a further aspect, a computing device is also disclosed including aprocessor, an energy storage device, at least one wireless transceiver,at least one user input device, and memory. The memory includesinstructions which, when executed by the processor, may cause thecomputing device to perform steps of a method for transmitting a key(which may contain encrypted information) to a smart device.Specifically, the computing device may obtain remote check-informationfrom a user, and transmit the remote check-in information to anencrypted key server. The computing device may then obtain an encryptedkey from the encrypted key server and generate at least one encryptedkey limitation. The computing device may wirelessly pair with a smartdevice, and transmit the encrypted key and the at least one encryptedkey limitation to the smart device.

Reference will now be made in detail to exemplary embodiments of thedisclosed technology, examples of which are illustrated in theaccompanying drawings and disclosed herein. Wherever convenient, thesame references numbers will be used throughout the drawings to refer tothe same or like parts.

FIG. 1 illustrates a computing device 100 that may be used to implementthe disclosed technology. The device 100 may be used to implement, forexample, one or more components of the system shown in FIGS. 4 and 5, asdescribed in greater detail herein. As another example, the device 100may be used to implement the methods of FIGS. 6-9, as described ingreater detail herein. In some implementations, the computing device 100may be a mobile computing device, such as a smart phone, tabletcomputer, smart wearable device, or portable laptop computer. In anotherembodiment, the computing device 100 may be a stationary computingdevice, such as a stationary desktop or laptop computer.

In some embodiments, the computing device 100 may include one or moreprocessors 102 operatively connected to a storage component 104, one ormore user input devices 106, a display 108 (or a display interface), aperipheral interface 110, a short-range transceiver 112, a mobilenetwork interface 114 in communication with processor 102, a bus 120configured to facilitate communication between the various components ofthe computing device 100, and a power source 130 configured to power oneor more components of the computing device 100. Optionally, thecomputing device 100 may further include a sound interface 122, a camerainterface 124, a telephony subsystem 126, and an antenna interface 128.

The processor 102 may include one or more of a microprocessor,microcontroller, digital signal processor, co-processor or the like orcombinations thereof capable of executing stored instructions andoperating upon stored data. The storage component 104 may include, insome implementations, one or more suitable types of memory (e.g. such asvolatile or non-volatile memory, random access memory (RAM), read onlymemory (ROM), programmable read-only memory (PROM), erasableprogrammable read-only memory (EPROM), electrically erasableprogrammable read-only memory (EEPROM), magnetic disks, optical disks,floppy disks, hard disks, removable cartridges, flash memory, aredundant array of independent disks (RAID), and the like), for storingfiles including an operating system, application programs (including,for example, a web browser application, a widget or gadget engine, andor other applications, as necessary), executable instructions 116 anddata 118. In one embodiment, the processing techniques described hereinare implemented as a combination of executable instructions and datawithin the storage component 104.

The user input device 106 may include any mechanism for providing userinput to the processor(s) 102. For example, in some embodiments, theuser input device 106 may include a keyboard, a mouse, a touch screen, atrackball, a directional pad, a track pad, a touch-verified track pad, apresence-sensitive track pad, a presence-sensitive display, a scrollwheel, a digital camera, a digital video camera, a web camera, amicrophone, a sensor, a microphone and suitable voice recognitionapplication, or any other means whereby a user of the device 100 mayprovide input data to the processor(s) 102. In other embodiments, theuser input device 106 may include a user input device interfaceconfigured to receive or communicate with a user input device. Forexample, the user input device 106 may serve as a keyboard interfacethat provides a communication interface to a physical or virtualkeyboard. In other exemplary embodiments, the user input device 106 mayserve as the sound interface 122 and/or the camera interface 124 topresent information to a user and capture information from a device'senvironment including instructions from the device's user. As additionalexamples, input components may include an accelerometer (e.g., formovement detection), a magnetometer, a digital camera, a microphone(e.g., for sound detection), an infrared sensor, and an optical sensor.

The display 108 may include any conventional display mechanism such as aflat panel display, projector, or any other display mechanism known tothose having ordinary skill in the art. In some embodiments, the display108, in conjunction with suitable stored instructions 116, may be usedto implement a graphical user interface. In other embodiments, thedisplay 108 may include a display interface configured to receive orcommunicate with one or more external displays.

The peripheral interface 110 may include the hardware, firmware and/orsoftware that enables communication with various peripheral devices,such as media drives (e.g., magnetic disk, solid state, or optical diskdrives), other processing devices, or any other input source used inconnection with the instant techniques. In some embodiments, theperipheral interface 110 may include a serial port, a parallel port, ageneral purpose input and output (GPIO) port, a game port, a universalserial bus (USB), a micro-USB port, a high definition multimedia (HDMI)port, a video port, an audio port, a Bluetooth port, a near-fieldcommunication (NFC) port, another like communication interface, or anycombination thereof.

In some embodiments, the short-range transceiver 112 may be configuredto communicate with compatible devices and ID tags when they are withina predetermined range. The short-range transceiver 112 may be compatiblewith one or more of: radio-frequency identification (RFID), near-fieldcommunication (NFC), Bluetooth®, low-energy Bluetooth® (BLE), WiFi™,ZigBee®, ambient backscatter communications (ABC) protocols or similartechnologies.

The mobile network interface 114 may provide access to a cellularnetwork, the Internet, or another wide-area network. In someembodiments, the mobile network interface 114 may include hardware,firmware, and/or software that allows the processor(s) 102 tocommunicate with other devices via wired or wireless networks, whetherlocal or wide area, private or public, as known in the art. The powersource 130 may be configured to provide an appropriate alternatingcurrent (AC) or direct current (DC) to power components.

In exemplary embodiments of the disclosed technology, the computingdevice 100 may include any number of hardware and/or softwareapplications that are executed to facilitate any of the operations. Inexample implementations, one or more I/O interfaces facilitatecommunication between the computing device 100 and one or moreinput/output devices. For example, a universal serial bus port, a serialport, a disk drive, a CD-ROM drive, and/or one or more user interfacedevices, such as a display, keyboard, keypad, mouse, control panel,touch screen display, microphone, etc., may facilitate user interactionwith the computing device. The one or more I/O interfaces may beutilized to receive or collect data and/or user instructions from a widevariety of input devices. Received data may be processed by one or morecomputer processors as desired in various implementations of thedisclosed technology and/or stored in one or more memory devices.

While the computing device 100 has been described as one form forimplementing the techniques described herein, those having ordinaryskill in the art will appreciate that other, functionally equivalenttechniques may be employed. For example, as known in the art, some orall of the functionality implemented via executable instructions mayalso be implemented using firmware and/or hardware devices such asapplication specific integrated circuits (ASICs), programmable logicarrays, state machines, etc. Furthermore, other implementations of thedevice 100 may include a greater or lesser number of components thanthose illustrated.

FIG. 2 is a block diagram of an active smart device 200 illustratingsome of its components and their functional relationships in an exampleimplementation of the disclosed technology. An active smart device 200may include a power source and actively “listen” for compatible devicesand may be capable of searching for compatible devices. The active smartdevice 200 may be packaged in many forms, including, for example, acredit or payment card, a wearable device, or a key fob.

In some implementations, the active smart device 200 includes aprocessor 202, an energy storage device 212, a storage component 204,including executable instructions 206 and data 208, and a short-rangetransceiver 210, all operatively connected by a bus 228. The activesmart device 200 may also include one or more buttons 214, a display216, an accelerometer 218, a presence-sensitive input 220, and/or abiometric reader 224, all operatively connected to the bus 228.

The one or more buttons 214 may be metal-dome type contacts, conductiverubber contacts, or capacitive touch points. The display 216 may be anytype of conventional LCD, OLED, or eInk display, or one or more discreteLEDs. The accelerometer 218 may be configured to measure acceleration inone or more directions or axes, and is suitable for detecting andinterpreting physical gestures performed with the active smart device200. The presence-sensitive input device 220 may be sensitive to theclose proximity of adjacent objects or fingers, and includes, withoutlimitation, resistive and capacitive touchscreen overlays, a touchpad, adepth camera, which may be integrated with a display. The biometricreader 224 may be configured to record one or more identifyingmeasurements of the human body and relay them to the processor foridentification purposes. The biometric reader 224 may include, withoutlimitation, a fingerprint scanner or a camera for facial recognition.

The active smart device 200 may also include a charging circuit 226connected to the energy storage device 212. The charging circuit 226 maybe configured to charge the energy storage device 212 from aconventional physical connection (e.g. a USB connection) or wirelessly(e.g. an induction charging system), as will be understood to thoseskilled in the art. In some embodiments, energy storage device 212 is adevice configured to store electrical energy and discharge it as needed,such as a battery, capacitor, ultra-capacitor, or appropriatecombinations thereof.

FIG. 3 is a block diagram of a passive smart device 300 illustratingsome of its components and their functional relationships in accordancewith an example implementation of the disclosed technology. The passivesmart device 300 may not be self-powered or include an internal ordedicated power source. The passive smart device 300 may passively“listen” for a compatible interrogation signal, which it then uses topower its logic circuits and antenna. The passive smart device 300 maybe packaged in many forms, including a sticker or label, a credit,debit, or payment card, a wearable device (e.g. a smart watch, ring, orbracelet), or a key fob. In some examples, passive smart device 300includes a passive RFID tag, while in others it includes passive NFCtags. In some implementations, the passive smart device 300 includes aprocessor 302, an antenna 310, a storage component 304 includingexecutable instructions 306 and data 308, and a power collection circuit312, all operatively connected by a bus 320. The passive smart device300 may also include an energy storage device 318.

In operation, the antenna 310 of the passive smart device 300 mayreceive a compatible interrogation signal, which the power collectioncircuit 312 converts to a suitable electrical voltage to power the othercircuit components. In some embodiments, the power collection circuit312 may store excess converted energy in the energy storage device 318.In some embodiments, the passive smart device 300 may include an EMVchip 314 and/or a magnetic stripe 316 for conducting credit, debit orother financial card transactions using the appropriate card-readingtechnology, as will be understood by those skilled in the art.

In some embodiments, as described above, the passive smart device 300may take the form of a smart card, such as an EMV card, chip and PINcard, chip and signature card, or an RFID contactless card, issued by afinancial service provider. The smart card may store data on anintegrated circuit or other memory. Data may be exchanged in applicationprotocol data units (APDUs) between the smart card and an appropriatereader (e.g., a payment card terminal, a user's smartphone or anelectronic lock in accordance with an implementation of the disclosedtechnology) following predetermined protocols, including for example,ISO/IEC 7816, In some embodiments, this involves the reader sending acommand to a smart card, the smart card processing the command,determining an appropriate response to the command, and sending aresponse to the reader. In some embodiments, the initial request sent tothe smart card may identify a particular application stored on the smartcard by exchanging an application identifier, which is used to addressan application stored on the card and may further include a registeredapplication provider identifier. The request may also include aproprietary application identifier extension that differentiates amongstdifferent applications stored on the smart card.

In some embodiments, the reader may request the smart card to providethe processing options available on the smart card. The request mayinclude data elements required in a processing options data objects listsupplied by the smart card to the reader during the applicationselection exchange. The smart card may further provide a profile offunctions that can be performed and the location of files and datastored on the smart card that the reader needs to read from the smartcard. The reader may issue a read record command to the smart card toobtain the data needed for a transaction. The smart card may also storeauthentication data that can be read from the smart card to determine ifthe reader must receive additional data from the smart card user toverify the transaction. In some embodiments, the issuer of the smartcard may update the data or files stored on the smart card after it hasbeen issued, such as through issuer script processing, for example. Acommand can be sent to the smart card using issuer script processing tochange card parameters or add files to the smart card storage. In someembodiments, the communications to and/or from the smart card may beencrypted or include encrypted data.

FIG. 4 shows communication within an exemplary electronic access controlsystem, in accordance with an example implementation of the disclosedtechnology. The system may include a mobile computing device 100, anactive smart device 200, a door lock 400, an encrypted key server 500,and an authentication database 550 in communication with the encryptedkey server 500. In one embodiment, the mobile computing device 100 maysend a request 402 to the encrypted key server 500 for an encrypted key404 associated with a particular transaction (e.g. purchasing a hotelroom for a particular hotel stay). In some implementations, afterauthenticating or validating the request, the encrypted key server 500may return the encrypted key 404 to the mobile computing device 100. Themobile computing device 100 may then send a pairing request 406 to theactive smart device 200, which in turn responds with a link key 408,pairing the devices. Once the devices are paired, the mobile computingdevice 100 may send the encrypted key 404 to the active smart device200. When the user wants to access the restricted area (e.g. her hotelroom), the active smart device 200 may receive a pairing request or aninterrogation signal 410 from the door lock 400. The active smart device200 may then respond with the encrypted key 404. It is also contemplatedthat, in some embodiments, the encrypted key 404 may be not be encryptedor may contain some encrypted and unencrypted data, and the encryptedkey server 500 may transmit unencrypted and partially encrypted data.

In some embodiments the encrypted key server 500 may send the encryptedkey 404 to the door lock 400 and the mobile computing device 100simultaneously. In other embodiments, the door lock 400 may request 412the encrypted key 404 for comparison after receiving the encrypted key404 from the active smart device 200. In other embodiments, the doorlock 400 may transmit the received encrypted key 404 to the encryptedkey server 500 for comparison to stored key data associated with theactive smart device 200, and provide a response to the door lock 400directing the door lock 400 to unlock (e.g., to transition from a lockedstate to an unlocked state). The authentication database 550 may beconfigured to store authentication data associated with a hotel guest(and devices associated with the hotel guest). The stored authenticationdata may later be used to determine whether a device attempting tocommunication with the system is associated with an authenticated deviceof a hotel guest.

FIG. 5 shows communication within an exemplary electronic access controlsystem, in accordance with an example implementation of the disclosedtechnology. The system includes a mobile computing device 100, a passivesmart device 300, a door lock 400, an encrypted key server 500, and anauthentication database 550 in communication with the encrypted keyserver 500. In one embodiment, the mobile computing device 100 may sendan interrogation signal 502 to the passive smart device 300, which inturn responds with an unencrypted key 504. The mobile computing device100 then generates an encrypted key 506 and transmits the encrypted key506 to the encrypted key server 500. When the user wants to access therestricted area (e.g. her hotel room), the passive smart device 300 mayreceive an interrogation signal 508 from the door lock 400. The passivesmart device 300 may respond with the unencrypted key 504. It is alsocontemplated that, in some embodiments, the encrypted key 506 may be notbe encrypted or may contain some encrypted and unencrypted data, and theencrypted key server 500 may transmit unencrypted and partiallyencrypted data.

In some embodiments the encrypted key server 500 may send the encryptedkey 506 to the door lock 400. In other embodiments it may decrypt theencrypted key 506 and send the unencrypted key 504 to the door lock 400.The choice of embodiment will likely depend on security concerns. Insome embodiments, in which the door lock 400 is hardwired to theencrypted key server 500, sending an unencrypted key 504 may present alow security risk and simplify the door lock 400, because it will notneed to decrypt the encrypted key. However, when the key is sent to thedoor lock 400 over the air (e.g. via WiFi™), the security risks arehigher and a provider may prefer to send the encrypted key 506 which thedoor lock 400 must decrypt. In some embodiments, the encrypted keyserver 500 may send the key 504/506 to the door lock 400 at essentiallythe same time it receives it from the mobile computing device 100. Inother embodiments, the door lock 400 may request 510 the key 504/506 forcomparison after receiving the unencrypted key 504 from the passivesmart device 200. In other embodiments, the door lock 400 may transmitthe received encrypted key 504/506 to the encrypted key server 500 forcomparison to stored key data associated with the smart device, andprovide a response to the door lock 400 directing the door lock tounlock. The authentication database 550 may be configured to storeauthentication data associated with a hotel guest (and devicesassociated with the hotel guest). The stored authentication data maylater be used to determine whether a device attempting to communicationwith the system is associated with an authenticated device of a hotelguest.

FIG. 6 shows an exemplary method 600 of using a mobile computing device100 within an electronic access control system which uses a smartdevice, such as active smart device 200 or passive smart device 300, inaccordance with an example implementation of the disclosed technology.This flowchart represents one embodiment of using the system of FIG. 4,from the perspective of the mobile computing device 100. At 602, themobile computing device 100 may obtain remote check-in information froma user (e.g., directly from a user input 106 of the computing device100. In one embodiment, the remote check-in information may include aconfirmation of an existing reservation for access to a secure facility(e.g. a hotel room). In another embodiment, the remote check-ininformation may include making an online reservation and simultaneouslychecking-in. At 604, the mobile computing device 100 may transmit theremote check-in information to the encrypted key server 500. At 606, theencrypted key server 500 may return an encrypted key based on the remotecheck-in information. In some embodiments, the encrypted key server 500also sends additional metadata with the encrypted key. For example, theencrypted key server 500 may send data regarding the duration of theuser's stay, which the mobile computing device 100 may limit the validtime of use for the encrypted key.

At 608, the mobile computing device 100 may generate an encrypted keylimitation. The encrypted key limitation may limit the circumstancesunder which the smart device, such as active smart device 200 or passivesmart device 300, will transmit the encrypted key. Non-exhaustiveexamples of encrypted key limitations include: a time period duringwhich the encrypted key is valid; a minimum signal strength (indicatingproximity to the requesting device); a requesting device ID number (e.g.a smart lock ID associated with the assigned room number); gesturesperformed using the smart device and recorded using accelerometer (e.g.turning it over and back, shaking it side-to-side, etc.); gesturesperformed on a presence-sensitive device (e.g. swiping left or right,swiping a letter, numeral, other character, or other stored pattern,etc.); depressing one or more buttons on the smart device, including,but not limited to, a specific pattern (e.g., a code); and recording arequired biometric identity (e.g. a fingerprint, facial recognition,speaker recognition (voice biometrics), speaker verification (behavioralbiometrics), etc.). At 610, the mobile computing device 100 may pairwith the smart device. At 612, the mobile computing device 100 maytransmit the encrypted key to the smart device 200 or 300. Afterreceiving a valid key from the smart device 200 or 300, system maydirect the electronic lock to transition from a locked state to anunlocked state (not shown), thereby allowing the hotel guest to enterthe room.

FIG. 7 shows an exemplary method 700 of using an active smart device 200within an electronic access control system in accordance with an exampleimplementation of the disclosed technology. This flowchart representsone embodiment of using the system of FIG. 4 from the perspective of asmart device, such as active smart device 200 or passive smart device300. For illustrative purposes, this exemplary method is described usingan active smart device 200, but it will be appreciated that a passivesmart device 300 could also be used in such method. At 702, the activesmart device 200 may receive a pairing request from the mobile computingdevice 100. At 704, the active smart device 200 may attempt to pair withthe mobile computing device 100. At 706, the active smart device 200 maydetermine whether the pairing was successful. If it was successful, itmay proceed to obtain the encrypted key at 708. If the pairing wasunsuccessful, the active smart device 200 may wait for another discoveryrequest.

At 710, the active smart device 200 may obtain the encrypted keylimitation from the mobile computing device 100. After a triggeringevent, such as, for example, a detection of the active smart device 200when it enters a predetermine range of the door lock 400, the activesmart device 200 may obtain a pairing request or interrogation signalfrom the door lock 400, shown at 712. At 714, the active smart device200 may determine whether the encrypted key limitation has been met. Ifthe limitation has been met, the active smart device 200 may transmitthe encrypted key to the door lock 400, as shown at 718. If theencrypted key limitation has not been met 720, the active smart device200 may standby (e.g., without taking further action) until receivinganother discovery request.

FIG. 8 shows another exemplary method 800 of using an active smartdevice 200 within an electronic access control system in accordance withan example implementation of the disclosed technology. This flowchartrepresents one embodiment of using the system of FIG. 4 from theperspective of the active smart device 200. In this embodiment, the userinitiates the interaction between the active smart device 200 and thedoor lock 400, rather than it being automatic. At 802, the active smartdevice 200 may receive a pairing request from the mobile computingdevice 100. At 804, the active smart device 200 may attempt to pair withthe mobile computing device 100. At 806, the active smart device 200 maydetermine whether the pairing was successful. If it was successful, itmay proceed to obtain the encrypted key at 808. If it was notsuccessful, the active smart device 200 may standby until it receivesanother discovery request. At 810, the active smart device 200 mayobtain the encrypted key limitation from the mobile computing device100.

At 812, the active smart device 200 may receive activation input fromthe user. In some exemplary embodiments, the activation input may be oneor more of: a gesture performed using the entire active smart device200, a gesture performed on a presence-sensitive device, depressing oneor more buttons on the active smart device 200, including, but notlimited to, a specific pattern (e.g., a code); and recording an requirebiometric input, as described above. In another embodiment, theactivation input may also be the encrypted key limitation. At 814, theactive smart device 200 may transmit a pairing request or interrogationsignal to the door lock 400 in response to the activation input. At 816,the active smart device 200 may pair with the door lock 400 or receivesanother appropriate response from the door lock 400. In one embodiment,the response from the door lock 400 may be the encrypted key limitation(e.g. the room number). At 818, the active smart device 200 maydetermine whether the encrypted key limitation has been met. If it has,the active smart device 200 may transmit 822 the encrypted key to thedoor lock 400. If not, the active smart device 200 may standby (e.g.,without taking further action) until receiving a valid activation inputfrom a user.

FIG. 9 shows an exemplary method 900 of using an electronic accesscontrol system with a passive smart device 200 in accordance with anexample implementation of the disclosed technology. This flowchartrepresents one embodiment of using the system of FIG. 5 with a passivesmart device 300. Because the passive smart device 300 may be lesssuitable for making decisions about authentication, this embodimentauthenticates with a different component of the system than the passivesmart device 300. In this embodiment, the mobile computing device 100may encrypt and send the key to the encrypted key server 500, ratherthan the other way around. This allows the passive smart device 300 tounlock the door using an unencrypted key while maintaining security,because the unencrypted key from the passive smart device 300 may beuseless without its encrypted counterpart, in some embodiments, asdescribed herein.

At 902, the mobile computing device 100 may receive check-in informationfrom a user. At 904, the mobile computing device 100 may transmit aninterrogation signal to the passive smart device 300. At 906, thepassive smart device 300 may return an unencrypted key to the mobilecomputing device 100 in response to the interrogation signal. At 908,the mobile computing device 100 may create an encrypted key based on theunencrypted key from the passive smart device 200. At 910, the mobilecomputing device 100 may transmit the encrypted key to the encrypted keyserver 500. At 912, the encrypted key server 500 may transmit theencrypted key to the door lock 400. As previously noted with respect toanother embodiment, the encrypted key server 500 may decrypt theencrypted key and send the unencrypted key to the door lock 400 if thephysical security of the facility makes this a low-risk proposition(e.g. if the door lock 400 s are hardwired to the server).

At 914, the door lock 400 may transmit an interrogation signal to thepassive smart device 300. At 916, the passive smart device 300 mayrespond to an appropriate interrogation signal with the unencrypted key.At 918, the door lock 400 may decrypt the encrypted key in response toreceiving the unencrypted key. At 920, the door lock 400 may determinewhether the decrypted key matches the unencrypted key received from thepassive smart device 200. If the keys match, 922 the system may directthe electronic lock to transition from a locked state to an unlockedstate, thereby allowing the hotel guest to open the door. If the keysdon't match, as shown in 924, the door lock 400 may continue toperiodically transmit interrogation signals.

FIG. 10 shows an exemplary method 1000 for authenticating the passivesmart device 300 in accordance with an example implementation of thedisclosed technology. This flowchart represents one embodiment of usingthe system of FIG. 5 with a passive smart device 300. As shown at 1002,the system may receive an authentication request from the computingdevice 100, which may be a mobile or stationary computing device. Theauthentication request may comprise ID data associated with the passivesmart device 300. For example, the authentication request may include adevice ID number or a model number and corresponding key code associatedwith a device ID number or model number and corresponding key code, orrepresentative numbers or codes thereof, stored on the passive mobiledevice 300.

After receiving the authentication request, the system may determine1004 whether the authentication request corresponds to storedauthentication data. That is, for example, the system may determinewhether the information included in the authentication requestcorresponds to and/or matches stored information relating to a hotelguest or a device associated with the hotel guest. In this manner, thesystem may store payment card information when the guest books the hotelreservation, and determine that the authentication request correspondsto the previously used payment card on file for that guest.

Based on the determination 1004, the system may store ID data associatedwith the passive smart device 300, as shown at 1006. For example, insome embodiments, the server 500 may send the ID data to theauthentication database 550 for storage.

Upon a triggering event (e.g., the passive smart device 300 entering apredetermined area), the system may receive detection data 1008corresponding to a detection of the passive smart device 300. Inresponse, the system may obtain 1010 an identifier from the passivesmart device 300. For example, the system may send a request to thepassive smart device 300 that powers the passive smart device 300 andenables it to respond to the request by providing the identifier.

The system may determine 1012 whether the obtained identifiercorresponds to the stored ID data. For example, the system may comparethe number or unique code on the identifier sent by the passive smartdevice 300 with the stored ID data of the passive smart device on filefor the hotel guest at that particular hotel room. Based on thecomparison, the system may determine whether the detected passive smartdevice 300 is an authenticated smart device for that electronic lock. Ifthe detected passive smart device 300 is an authenticated smart device,the system may direct 1014 the electronic lock to transition from alocked state to an unlocked state.

FIG. 11 shows another exemplary method 1100 for authenticating thepassive smart device 300 in accordance with an example implementation ofthe disclosed technology. This flowchart represents one embodiment ofusing the system of FIG. 5 with a passive smart device 300. As shown at1102, the system may receive an authentication request from thecomputing device 100, similar to step 1002 of method 1000. Theauthentication request may comprise ID data associated with the passivesmart device 300. For example, the authentication request may include adevice ID number or a model number and corresponding key code associatedwith a device ID number or model number and corresponding key code, orrepresentative numbers or codes thereof, stored on the passive mobiledevice 300.

After receiving the authentication request, the system may determine1104 whether the authentication request corresponds to storedauthentication data, similar to step 1004 of method 1000. Based on thedetermination 1104, the system may store ID data associated with thepassive smart device 300, as shown at 1106. For example, in someembodiments, the server 500 may send the ID data to the authenticationdatabase 550 for storage.

The system may also receive 1108 secondary authentication data, andstore 1110 it with the stored ID data. In some embodiments, thesecondary authentication data may come from the mobile computing device100 or from the passive smart device 300, and may be pre-existing,automatically generated, or entered by the user. The secondaryauthentication data may form an extra layer of security, either bypreventing the passive smart device 300 from communicating with certaindevices (e.g., locks outside of a predetermined range) or by preventingthe system from determining that a detected smart device isauthenticated without requiring the secondary authentication data.

Upon a triggering event (e.g., the passive smart device 300 entering apredetermined area), the system may receive detection data 1112corresponding to a detection of the passive smart device 300. Inresponse, the system may obtain 1114 an identifier from the passivesmart device 300. For example, the system may send a request to thepassive smart device 300 that powers the passive smart device 300 andenables it to respond to the request by providing the identifier. Thesystem may also receive secondary attempt data 1116 from the computingdevice 100. The secondary attempt data may correspond with thepreviously provided secondary authentication data. In some embodiments,the passive smart device 300 may provide the secondary attempt data tothe system.

The system may determine 1118 whether the obtained identifiercorresponds to the stored ID data and determine 1120 whether thesecondary attempt data corresponds with the stored secondaryauthentication data. For example, the system may compare the number orunique code on the identifier sent by the passive smart device 300 withthe stored ID data of the passive smart device on file for the hotelguest at that particular hotel room. As a secondary level of security,the system may further compare the obtained secondary authenticationattempt data with the stored secondary authentication data. Based on thecomparisons, the system may determine whether the detected passive smartdevice 300 is an authenticated smart device for that electronic lock. Ifthe detected passive smart device 300 is an authenticated smart device,the system may direct 1122 the electronic lock to transition from alocked state to an unlocked state.

In some embodiments, a smart device may include a processor and anenergy storage device operatively connected to the processor. The smartdevice may also include a wireless transceiver operatively connected tothe processor and the energy storage device. The smart device mayfurther include memory operatively connected to the processor. Thememory may include instructions which, when executed by the processor,perform a method comprising several steps. One step may includewirelessly pairing with the mobile computing device. Another step mayinclude wirelessly obtaining an encrypted key from the mobile computingdevice. A further step may include wirelessly obtaining at least oneencrypted key limitation from the mobile computing device. Afterwards, awireless service communication request may be obtained from a lock.Another step may include determining if the at least one encrypted keylimitation has been met. After making this determination, the encryptedkey may be transmitted to the lock when the at least one encrypted keylimitation has been met.

In some embodiments, the method performed when the processor executesthe instructions may further include measuring a wireless signalstrength from the door lock. The at least one encrypted key limitationmay include a minimum wireless signal strength.

In other embodiments, the method performed when the processor executesthe instructions may further include obtaining an expiration time fromthe mobile computing device, and disabling the encrypted key when theexpiration time is reached.

In some embodiments, the smart device may include additional components.For example, in one embodiment, the smart device may include anaccelerometer, and the at least one encrypted key limitation may includeat least one gesture performed with the smart device. In anotherexemplary embodiment, the smart device may include at least one button,and the at least one encrypted key limitation may include depressing theat least one button one or more times. In yet another embodiment, thesmart device may include a biometric reader, and the at least oneencrypted key limitation may include a biometric identifier associatedwith a user. In another embodiment, the smart device may include apresence-sensitivity display, and the at least one encrypted keylimitation comprises at least one gesture performed on thepresence-sensitivity display. Further, the smart device may include acharging circuit for the energy storage device.

In some embodiments, the wireless transceiver may include at least oneof a NFC transceiver, a Bluetooth transceiver, a low-energy Bluetoothtransceiver, a RFID transceiver, and an ABC.

In other embodiments, a smart device may include a processor and anenergy storage device operatively connected to the processor. The smartdevice may also include a wireless transceiver operatively connected tothe processor and the energy storage device. The smart device mayfurther include memory operatively connected to the processor. Thememory may include instructions which, when executed by the processor,perform a method comprising several steps. One step may includeobtaining remote check-information from a user. Once obtained, theremote check-in information may be transmitted to an encrypted keyserver. Another step may include generating at least one encrypted keylimitation. A further step may include wirelessly pairing with a smartdevice. After pairing with the smart device, the encrypted key and theat least one encrypted key limitation may be transmitted to the smartdevice.

It is contemplated that the method performed when the processor executesthe instructions may further include generating an expiration time forthe encrypted key, after which it will be disabled, and transmitting theexpiration time for the encrypted key to the smart device.

In some embodiments, the at least one encrypted key limitation mayinclude one or more of a minimum wireless signal strength, at least onegesture performed with the smart device, depressing at least one buttonon the smart device one or more times, a biometric identifier associatedwith a user which can be measured by the smart device, and at least onegesture performed on a presence-sensitivity display of the smart device.

In some embodiments, the smart device may also include a chargingcircuit for the energy storage device. It is contemplated that thewireless transceiver in the smart device may include at least one of aNFC transceiver, a Bluetooth transceiver, a low-energy Bluetoothtransceiver, a RFID transceiver, and an ABC.

In further embodiments, a system may include a RFID transceiverconfigured to transmit an unencrypted key in response to a designatedinterrogating radio signal. The system may also include a computingdevice configured to transmit, via a third RFID transceiver, thedesignated interrogating radio signal to any RFID-enabled devices withinrange. The computing device may also be configured to receive, via thethird RFID transceiver, the unencrypted key in response to thedesignated interrogating radio signal. Further, the computing device maybe configured to generate an encrypted key based on the unencrypted key.The computing device may be further configured to transmit the encryptedkey to an encrypted key server. The system may also include anelectronic door lock configured to obtain an encrypted key from theencrypted key server. The door lock may be configured to transmit, via asecond RFID transceiver, the designated interrogating radio signal toany RFID-enabled devices within range. The door lock may also beconfigured to receive, via the second RFID transceiver, the unencryptedkey in response to the designated interrogating radio signal. The doorlock may be further configured to unlock in response to the unencryptedkey when the unencrypted key corresponds to the encrypted key from theserver.

In some embodiments, the designated interrogating radio signal in thesystem may power the first RFID transceiver. The design andfunctionality described in this application is intended to be exemplaryin nature and is not intended to limit the instant disclosure in anyway. Those having ordinary skill in the art will appreciate that theteachings of the disclosure may be implemented in a variety of suitableforms, including those forms disclosed herein and additional forms knownto those having ordinary skill in the art. For example, one skilled inthe art will recognize that executable instructions may be stored on anon-transient, computer-readable storage medium, such that when executedby one or more processors, causes the one or more processors toimplement the method described above.

As used in this application, the terms “component,” “module,” “system”and the like are intended to include a computer-related entity, such asbut not limited to hardware, firmware, a combination of hardware andsoftware, software, or software in execution. For example, a componentmay be, but is not limited to being, a process running on a processor,an object, an executable, a thread of execution, a program, and/or acomputer. By way of illustration, both an application running on acomputing device and the computing device can be a component. One ormore components can reside within a process and/or thread of executionand a component may be localized on one computer and/or distributedbetween two or more computers. In addition, these components can executefrom various computer readable media having various data structuresstored thereon. The components may communicate by way of local and/orremote processes such as in accordance with a signal having one or moredata packets, such as data from one component interacting with anothercomponent in a local system, distributed system, and/or across a networksuch as the Internet with other systems by way of the signal.

Certain embodiments and implementations of the disclosed technology aredescribed above with reference to block and flow diagrams of systems andmethods and/or computer program products according to exampleembodiments or implementations of the disclosed technology. It will beunderstood that one or more blocks of the block diagrams and flowdiagrams, and combinations of blocks in the block diagrams and flowdiagrams, respectively, can be implemented by computer-executableprogram instructions. Likewise, some blocks of the block diagrams andflow diagrams may not necessarily need to be performed in the orderpresented, may be repeated, or may not necessarily need to be performedat all, according to some embodiments or implementations of thedisclosed technology.

These computer-executable program instructions may be loaded onto ageneral-purpose computer, a special-purpose computer, a processor, orother programmable data processing apparatus to produce a particularmachine, such that the instructions that execute on the computer,processor, or other programmable data processing apparatus create meansfor implementing one or more functions specified in the flow diagramblock or blocks. These computer program instructions may also be storedin a computer-readable memory that can direct a computer or otherprogrammable data processing apparatus to function in a particularmanner, such that the instructions stored in the computer-readablememory produce an article of manufacture including instruction meansthat implement one or more functions specified in the flow diagram blockor blocks.

As an example, embodiments or implementations of the disclosedtechnology may provide for a computer program product, including acomputer-usable medium having a computer-readable program code orprogram instructions embodied therein, said computer-readable programcode adapted to be executed to implement one or more functions specifiedin the flow diagram block or blocks. Likewise, the computer programinstructions may be loaded onto a computer or other programmable dataprocessing apparatus to cause a series of operational elements or stepsto be performed on the computer or other programmable apparatus toproduce a computer-implemented process such that the instructions thatexecute on the computer or other programmable apparatus provide elementsor steps for implementing the functions specified in the flow diagramblock or blocks.

Accordingly, blocks of the block diagrams and flow diagrams supportcombinations of means for performing the specified functions,combinations of elements or steps for performing the specifiedfunctions, and program instruction means for performing the specifiedfunctions. It will also be understood that each block of the blockdiagrams and flow diagrams, and combinations of blocks in the blockdiagrams and flow diagrams, can be implemented by special-purpose,hardware-based computer systems that perform the specified functions,elements or steps, or combinations of special-purpose hardware andcomputer instructions.

Certain implementations of the disclosed technology are described abovewith reference to mobile computing devices. Those skilled in the artrecognize that there are several categories of mobile devices, generallyknown as portable computing devices that can run on batteries but arenot usually classified as laptops. For example, mobile devices caninclude, but are not limited to portable computers, tablet PCs, internettablets, PDAs, ultra mobile PCs (UMPCs), wearable devices, andsmartphones. Additionally, implementations of the disclosed technologycan be utilized with internet of things (IoT) devices, smart televisionsand media devices, appliances, automobiles, toys, and voice commanddevices, along with peripherals that interface with these devices.

In this description, numerous specific details have been set forth. Itis to be understood, however, that implementations of the disclosedtechnology may be practiced without these specific details. In otherinstances, well-known methods, structures and techniques have not beenshown in detail in order not to obscure an understanding of thisdescription. References to “one embodiment,” “an embodiment,” “someembodiments,” “example embodiment,” “various embodiments,” “oneimplementation,” “an implementation,” “example implementation,” “variousimplementations,” “some implementations,” etc., indicate that theimplementation(s) of the disclosed technology so described may include aparticular feature, structure, or characteristic, but not everyimplementation necessarily includes the particular feature, structure,or characteristic. Further, repeated use of the phrase “in oneimplementation” does not necessarily refer to the same implementation,although it may.

Throughout the specification and the claims, the following terms take atleast the meanings explicitly associated herein, unless the contextclearly dictates otherwise. The term “connected” means that onefunction, feature, structure, or characteristic is directly joined to orin communication with another function, feature, structure, orcharacteristic. The term “coupled” means that one function, feature,structure, or characteristic is directly or indirectly joined to or incommunication with another function, feature, structure, orcharacteristic. The term “or” is intended to mean an inclusive “or.”Further, the terms “a,” “an,” and “the” are intended to mean one or moreunless specified otherwise or clear from the context to be directed to asingular form. By “comprising” or “containing” or “including” is meantthat at least the named element, or method step is present in article ormethod, but does not exclude the presence of other elements or methodsteps, even if the other such elements or method steps have the samefunction as what is named.

While certain embodiments of this disclosure have been described inconnection with what is presently considered to be the most practicaland various embodiments, it is to be understood that this disclosure isnot to be limited to the disclosed embodiments, but on the contrary, isintended to cover various modifications and equivalent arrangementsincluded within the scope of the appended claims. Although specificterms are employed herein, they are used in a generic and descriptivesense only and not for purposes of limitation.

This written description uses examples to disclose certain embodimentsof the technology and also to enable any person skilled in the art topractice certain embodiments of this technology, including making andusing any apparatuses or systems and performing any incorporatedmethods. The patentable scope of certain embodiments of the technologyis defined in the claims, and may include other examples that occur tothose skilled in the art. Such other examples are intended to be withinthe scope of the claims if they have structural elements that do notdiffer from the literal language of the claims, or if they includeequivalent structural elements with insubstantial differences from theliteral language of the claims.

Exemplary Use Case

The following exemplary use case describes one example a typical userflow pattern. It is intended solely for explanatory purposes and not inlimitation. In this example, the user has already made a reservationwith a hotel and is traveling with her smartphone and a smart device(e.g., a smart card). From the user's perspective, it doesn't matterwhether the smart device is active or passive. Either in advance of orupon arriving at the hotel, the user may check-in to the hotel via hersmartphone (e.g., via a mobile application or a mobile web browser),thereby avoiding the line at the front desk. During the check-inprocess, the smartphone may provide a notification to the user thatincludes particulars of the hotel stay, including the hotel room number.

The smartphone and the smart card may pair and exchange information(either automatically or at the direction of the user via the smartphoneduring the check-in process). Alternatively, it is contemplated that thesmartphone and the smart card may have previously paired and exchangedinformation ahead of the check-in process. Regardless of when thedevices pair, the user may proceed directly to the designated hotelroom, bypassing the hotel front desk. As the user (and the smart card)approaches the designated hotel room, a detection device (which may bedisposed within or in communication with the electronic lock on thehotel door) may detect the presence of the smart card, and in response,request the key or an identifier from the smart card. Whether active(independently powered) or passive (powered by the system request), thesmart card may provide the proper key and/or identifier to the system,which in turn directs the electronic lock to transition from a lockedstate to an unlocked state, and the user may proceed to open the hotelroom door. Along the way, it is contemplated that the smart phone isconfigured to provide the user with notifications with status updates(e.g., smart card is authenticated, Room #1001 is now unlocked, etc.).

For convenience and ease of discussion, implementations of the disclosedtechnology are described above in connection with a financial or bankingaccount associated with a user. It is to be understood that thedisclosed implementations are not limited to financial service provideror banking accounts and are applicable to various other accountsassociated with a user's sensitive information (e.g., utility/serviceaccounts, medical information, and various other sensitive information).

Certain implementations of the disclosed technology are described abovewith reference to block and flow diagrams of systems and methods and/orcomputer program products according to example implementations of thedisclosed technology. It will be understood that one or more blocks ofthe block diagrams and flow diagrams, and combinations of blocks in theblock diagrams and flow diagrams, respectively, can be implemented bycomputer-executable program instructions. Likewise, some blocks of theblock diagrams and flow diagrams may not necessarily need to beperformed in the order presented, may be repeated, or may notnecessarily need to be performed at all, according to someimplementations of the disclosed technology.

These computer-executable program instructions may be loaded onto ageneral-purpose computer, a special-purpose computer, a processor, orother programmable data processing apparatus to produce a particularmachine, such that the instructions that execute on the computer,processor, or other programmable data processing apparatus create meansfor implementing one or more functions specified in the flow diagramblock or blocks. These computer program instructions may also be storedin a computer-readable memory that can direct a computer or otherprogrammable data processing apparatus to function in a particularmanner, such that the instructions stored in the computer-readablememory produce an article of manufacture including instruction meansthat implement one or more functions specified in the flow diagram blockor blocks. As an example, implementations of the disclosed technologymay provide for a computer program product, including a computer-usablemedium having a computer-readable program code or program instructionsembodied therein, said computer-readable program code adapted to beexecuted to implement one or more functions specified in the flowdiagram block or blocks. Likewise, the computer program instructions maybe loaded onto a computer or other programmable data processingapparatus to cause a series of operational elements or steps to beperformed on the computer or other programmable apparatus to produce acomputer-implemented process such that the instructions that execute onthe computer or other programmable apparatus provide elements or stepsfor implementing the functions specified in the flow diagram block orblocks.

Accordingly, blocks of the block diagrams and flow diagrams supportcombinations of means for performing the specified functions,combinations of elements or steps for performing the specifiedfunctions, and program instruction means for performing the specifiedfunctions. It will also be understood that each block of the blockdiagrams and flow diagrams, and combinations of blocks in the blockdiagrams and flow diagrams, can be implemented by special-purpose,hardware-based computer systems that perform the specified functions,elements or steps, or combinations of special-purpose hardware andcomputer instructions.

Throughout the specification and the claims, the following terms take atleast the meanings explicitly associated herein, unless the contextclearly dictates otherwise. The term “connected” means that onefunction, feature, structure, or characteristic is directly joined to orin communication with another function, feature, structure, orcharacteristic. The term “coupled” means that one function, feature,structure, or characteristic is directly or indirectly joined to or incommunication with another function, feature, structure, orcharacteristic. The term “or” is intended to mean an inclusive “or.”Further, the terms “a,” “an,” and “the” are intended to mean one or moreunless specified otherwise or clear from the context to be directed to asingular form.

As used herein, unless otherwise specified the use of the ordinaladjectives “first,” “second,” “third,” etc., to describe a commonobject, merely indicate that different instances of like objects arebeing referred to, and are not intended to imply that the objects sodescribed must be in a given sequence, either temporally, spatially, inranking, or in any other manner.

While certain implementations of the disclosed technology have beendescribed in connection with what is presently considered to be the mostpractical and various implementations, it is to be understood that thedisclosed technology is not to be limited to the disclosedimplementations, but on the contrary, is intended to cover variousmodifications and equivalent arrangements included within the scope ofthe appended claims. Although specific terms are employed herein, theyare used in a generic and descriptive sense only and not for purposes oflimitation.

This written description uses examples to disclose certainimplementations of the disclosed technology, including the best mode,and also to enable any person skilled in the art to practice certainimplementations of the disclosed technology, including making and usingany devices or systems and performing any incorporated methods. Thepatentable scope of certain implementations of the disclosed technologyis defined in the claims, and may include other examples that occur tothose skilled in the art. Such other examples are intended to be withinthe scope of the claims if they have structural elements that do notdiffer from the literal language of the claims, or if they includeequivalent structural elements with insubstantial differences from theliteral language of the claims.

The invention claimed is:
 1. A method for automatically providingphysical access to a restricted area associated with an entity, themethod comprising: receiving reservation data associated with areservation request for access to a restricted area, the reservationdata comprising first identification data associated with a smarttransaction card associated with a financial account of a user, thesmart transaction card being issued by a financial service provider thatis different from the entity; storing the reservation data on a datastorage device; receiving check-in data associated with a check-inrequest, the check-in request corresponding to the reservation request,wherein the check-in data comprises second identification dataassociated with the smart transaction card; responsive to determiningthat the second identification data matches the first identificationdata, storing the reservation data as stored authentication data;receiving detection data corresponding to a detection of the smarttransaction card when the smart transaction card enters a predeterminedlocation range associated with an electronic lock; obtaining anidentifier from the smart transaction card and via the electronic lock;and responsive to determining that the identifier matches the firstidentification data of the stored authentication data, directing theelectronic lock to transition from a locked state to an unlocked state.2. The method of claim 1, further comprising: responsive to receivingthe detection data, transmitting a request for the identifier from thesmart transaction card.
 3. The method of claim 1, further comprising:responsive to receiving the detection data or responsive to obtainingthe identifier from the smart transaction card, transmitting a requestfor secondary authentication data.
 4. The method of claim 3, wherein therequest for the secondary authentication data is transmitted to acomputing device.
 5. The method of claim 1, further comprising: prior todirecting the electronic lock to transition from a locked state to anunlocked state, determining whether the identifier was received during atime period in which the identifier is valid.
 6. A system forauthenticating a smart transaction card associated with a financialaccount of a user for unlocking an electronic lock associated with anentity, the system comprising: one or more memory devices storinginstructions; and one or more processors configured to execute theinstructions to: receive detection data corresponding to a detection ofthe smart transaction card when the smart transaction card enters apredetermined location range associated with the electronic lock;obtain, in response to the detection, an identifier from the smarttransaction card; obtain, within a predetermined time following thedetection, secondary authentication data from a computing deviceassociated with the smart transaction card; and responsive todetermining that (i) the identifier corresponds to stored identificationdata corresponding to previously received smart transaction card dataand (ii) the secondary authentication data corresponds to storedsecondary identification data, direct the electronic lock to transitionfrom a locked state to an unlocked state, wherein the smart transactioncard is issued by a financial service provider that is different fromthe entity.
 7. The system of claim 6, wherein the one or more processorsbeing configured to execute the instructions to obtain the identifierfrom the smart transaction card further comprises sending an identifierrequest to the smart transaction card, the identifier request providingpower to a power collection circuit of the smart transaction card toenable to the smart transaction card to provide the identifier.
 8. Thesystem of claim 7, wherein the smart transaction card comprises one ormore of a passive radio-frequency identification (RFID) tag or a passivesmart tag.
 9. The system of claim 8, wherein an external power supplycomprises one or more of an RFID reader device and a smart tag readerdevice.
 10. A system for authenticating a smart transaction cardassociated with a financial account of a user for unlocking an assignedelectronic lock of a plurality of electronic locks associated with anentity, the system comprising: one or more memory devices storinginstructions; and one or more processors configured to execute theinstructions to: receive a reservation request for access to arestricted area during a reservation time; store the reservation requestas stored reservation data; obtain, from a computing device, check-ininformation for the user; responsive to determining that the check-ininformation corresponds to the stored reservation data, store key data,the stored key data corresponding to an identifier associated with asmart transaction card associated with the user; transmit, to thecomputing device, a lock identifier associated with the assignedelectronic lock of the plurality of electronic locks; receive, from thesmart transaction card and via the assigned electronic lock, key data;and responsive to determining that the key data corresponds to thestored key data, direct the assigned electronic lock to transition froma locked state to an unlocked state, wherein the smart transaction cardis issued by a financial service provider that is different from theentity.
 11. The system of claim 10, wherein the one or more processorsis configured to execute the instructions to: responsive to determiningthat the check-in information corresponds to the stored reservationdata, transmit the key data to the smart transaction card.
 12. Thesystem of claim 10, wherein the one or more processors is configured toexecute the instructions to: responsive to determining that the check-ininformation corresponds to the stored reservation data, receive the keydata from the smart transaction card.
 13. The system of claim 10,wherein the one or more processors is configured to execute theinstructions to: generate an expiration time for the key data, theexpiration time corresponding to the reservation request; and prior todirecting the assigned electronic lock to transition from the lockedstate to the unlocked state, determine that the expiration time has notexpired.
 14. The system of claim 10, wherein the one or more processorsis configured to execute the instructions to: generate at least one keylimitation; and transmit the at least one key limitation to the smarttransaction card.